Security Web Digest: Microsofts Ballmer calls for taking the offensive against viruses ... and More

New Homeland Security Cyber-Security Chief Homeland Security IT spending slow to ramp up New Spec to allow, limit music downloads College students see no wrong in music piracy Man pleads guilty to running MSN "phisher" si


Likening the threat of computer viruses to bank robbers in the Old West, Microsoft Corp. Chief Executive Steve Ballmer on Monday called for a redoubling of innovation to keep the spread of malicious computer code at bay. "In the Old West, the banks didnt shut down because of the bank robbers," he told a luncheon gathering in Silicon Valley. "They improved the banks, they improved law enforcement. They went after them." Ballmer said the latest attacks represented a threat to many software companies, not just Microsoft. Yet his company faces a particular responsibility, he said, because of the presence of Windows on personal computers everywhere.

Homeland Security

The Department of Homeland Security has tapped Amit Yoran, formerly vice president for Managed Security Services at Symantec Corp., to lead the agencys cyber-security division. Yoran, whose appointment will be formally announced Tuesday, will be charged with implementing the Administrations cyber-security strategy. The department also is creating a new national computer emergency response team, to be called the U.S. CERT. The new organization will work closely with the CERT Coordination Center at Carnegie Mellon University in Pittsburgh.

ITs share of spending on homeland security wont live up to expectations. At least thats the opinion of Gartner Research analyst Rich Mogull, one of authors of a new research report dubbed: "Dont Plan on the Market for Homeland Security IT Before 2006." Mogull said, "What money is being spent on homeland security is being spent to get first-responder equipment and personnel on the streets." Meanwhile, the largest homeland security IT challenge -- and largest IT market opportunity -- remains the development of a coordination and communication infrastructure linking federal, state and local agencies, as well as among agencies within each governmental branch, Mogull said.

Intellectual Property

Intel, Sony and a host of Japanese electronics manufacturers on Tuesday plan to propose a standard for allowing consumers to freely swap movies and music downloaded from the Internet between all the devices in their homes. The Digital Transmission Content Protection over IP (Internet Protocol) specification, embodied in home networks, would permit consumers to play downloaded music or movies on any PC or digital device in the home. However, the downloaded material cant be transmitted outside the home or copied.

A majority of college students have no ethical problems downloading copyrighted music without paying, according to a new study by researchers Norma Mendoza of the University of Arkansas and Jennifer Christie of the University of Dayton. Fifty-four percent of respondents in their study of 82 college students thought that downloading copyrighted materials was ethical, even if it was illegal. The same college students who could be accused of stealing music online never steal offline. "Most respondents said that they never shoplift, but nearly 71 percent had downloaded copyrighted materials," Mendoza said.


A Chicago man pleaded guilty last week to wire fraud in connection with a scheme that used a phony Web site to steal credit card and account information from customers of Microsoft Corp.s Microsoft Network (MSN) ISP business. As part of a plea agreement, 21-year-old Matthew Thomas Guevara acknowledged that he set up a Web site,, that was designed to harvest personal financial and account information. Guevara then sent e-mail from Hotmail accounts to MSN customers asking them to visit the site and update their MSN account information, according to a statement from the U.S. Department of Justice (DOJ). The plea agreement is the latest salvo in the governments stepped-up efforts against identity theft and so-called "phisher" Web sites, which mimic legitimate Web sites and trick unsuspecting Internet users into divulging sensitive personal and financial information.